It is designed to steal users' confidential information related to certain Brazilian banking entities and other web services, like Hotmail. It is distributed via email messages using the news about the tragedy of the Chilean miners.

Affected platforms:

Windows 2003/XP/2000/NT/ME/98/95

First detected on:

Sept. 1, 2010

Detection updated on:

Sept. 6, 2010

Statistics

No

Brief Description

Banbra.GUC is a Trojan designed to steal users' confidential information, like banking details and passwords belonging to certain banking entities and other web services, like Hotmail.

In order to do so, when users access any of the affected websites, the Trojan closes the browser and opens another which displays the original one so that users enter their access data.

The harvested information is stored in a file and then sent via email to its creator.

Banbra.GUC is distributed via email in messages related to the news about the tragedy of the miners trapped in a mine in Chile.

Visible Symptoms

Banbra.GUC is easy to recognize, as it shows the symptoms below:

It reaches the computer with the following icon:

When this file is run, the Internet Explorer browser is opened showing a Youtube video of a news channel about the rescue of the Chilean miners trapped in a mine several days ago.